Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

As weve said for several years now, security is the first and last step in building an e-business enterprise. It is also the part of the infrastructure task that garners the least applause for a job well done. No one will thank you for keeping all those bad guys out of the companys network. Someone will fire you when one of those bad guys sneaks through.

And there are clear indications that the job is only going to get tougher.

As we write in this weeks Special Report, "The social engineering of security," building that safe network requires a lot more than making some good hardware and IT architecture decisions. It requires an approach that embraces social, political and cultural considerations. As David Thompson states, "Senior leadership wants objective measurement of an inherently subjective discipline; peer managers dont understand that their participation is necessary; users continually do foolish things; the threats are changing daily; and many organizations are forced to do more with fewer people." Sound familiar? Welcome to the security club.

The task can seem overwhelming. Just when you think you have a handle on Windows 2000 security, you can be sure that someone is going to ask about the security aspects of smart tags on Windows XP. Have those laptops locked down? What about the security of those personal digital assistants, which continue to proliferate and demand wireless access to the enterprise? And you can bet that the marketing push that is building behind the advent of Web services will raise questions about the security of those services. If you had to choose today among .Net, WebSphere or Java Web services, youd have a hard time evaluating those products from a security aspect. Like a lot of Web-based products, you often cant judge the security until the service is up and running on the Net.

Further reading

While there is no overarching solution, there are steps to take. One, take a look at the security resources available. Spend sufficient time to learn the differences among www.securityfocus.com, www.sans.org and www.cert.org. And dont forget the sources where the likes of Rain Forest Puppy and the hackers hang out. To you, security is a task that must be constantly updated. To the Rain Forest Puppies of the world, security is a game where their wins make front-page news.

With a recent FBI survey reporting hacks being up nearly 50 percent over last year and nearly 50,000 unfilled IT security jobs in the United States alone, maybe the first place to start is figuring out where you are going to get the security professionals your organization requires. For that, you might want to go right to our recruiting article, "Finding pros for IT security". But before you sit down to read that article, remove the yellow stickies with your passwords attached to your monitor.

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.